<?php
/**
 * Created by PhpStorm.
 * User: ysongyang
 * Date: 2016/6/6
 * Time: 12:00
 */
namespace Admin\Controller;

use Think\Controller;
use Org\Util\Rbac;
class CommonController extends Controller{

    function _initialize(){

        if (! isset($_SESSION[C('USER_AUTH_KEY')])) {
            $this->error('您没有权限访问，请先登录！','/'.MODULE_NAME . '/Login/index');
        }
        //获取不需要验证的控制器或方法
        $notAuth=in_array(MODULE_NAME,explode(',',C('NOT_AUTH_MODULE'))) || in_array(ACTION_NAME,explode(',', C('NOT_AUTH_ACTION')));
        if (C('USER_AUTH_ON') && !$notAuth) {
            Rbac::AccessDecision() || $this->error('权限不足或用户组被禁用！');
        }

    }
}
